package org.sourcelab.hkp.rest;

import java.io.IOException;
import java.net.SocketException;
import java.net.URISyntaxException;
import java.nio.charset.StandardCharsets;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.util.Map;
import javax.net.ssl.KeyManager;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLHandshakeException;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import org.apache.hc.client5.http.ClientProtocolException;
import org.apache.hc.client5.http.auth.AuthScope;
import org.apache.hc.client5.http.auth.UsernamePasswordCredentials;
import org.apache.hc.client5.http.classic.methods.HttpGet;
import org.apache.hc.client5.http.config.RequestConfig;
import org.apache.hc.client5.http.impl.auth.BasicAuthCache;
import org.apache.hc.client5.http.impl.auth.BasicCredentialsProvider;
import org.apache.hc.client5.http.impl.auth.BasicScheme;
import org.apache.hc.client5.http.impl.classic.CloseableHttpClient;
import org.apache.hc.client5.http.impl.classic.HttpClientBuilder;
import org.apache.hc.client5.http.impl.io.PoolingHttpClientConnectionManagerBuilder;
import org.apache.hc.client5.http.protocol.HttpClientContext;
import org.apache.hc.client5.http.ssl.DefaultHostnameVerifier;
import org.apache.hc.client5.http.ssl.NoopHostnameVerifier;
import org.apache.hc.client5.http.ssl.SSLConnectionSocketFactoryBuilder;
import org.apache.hc.core5.http.HttpHost;
import org.apache.hc.core5.http.io.HttpClientResponseHandler;
import org.apache.hc.core5.http.ssl.TLS;
import org.apache.hc.core5.net.URIBuilder;
import org.apache.hc.core5.ssl.SSLContexts;
import org.apache.hc.core5.util.Timeout;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.sourcelab.hkp.ConnectionFailedException;
import org.sourcelab.hkp.config.Configuration;
import org.sourcelab.hkp.request.Request;
import org.sourcelab.hkp.rest.handlers.RestResponseHandler;

/* loaded from: input_file:org/sourcelab/hkp/rest/HttpClient5RestClient.class */
public class HttpClient5RestClient implements RestClient {
    private static final Logger logger = LoggerFactory.getLogger(HttpClient5RestClient.class);
    private Configuration configuration;
    private CloseableHttpClient httpClient;
    private HttpClientContext httpClientContext;

    @Override // org.sourcelab.hkp.rest.RestClient
    public void init(Configuration configuration) {
        NoopHostnameVerifier defaultHostnameVerifier;
        this.configuration = configuration;
        SSLContext createDefault = SSLContexts.createDefault();
        try {
            createDefault.init(new KeyManager[0], getTrustManagers(), new SecureRandom());
            if (configuration.isIgnoreInvalidSslCertificates()) {
                logger.warn("Using insecure configuration, skipping server-side certificate validation checks.");
                defaultHostnameVerifier = NoopHostnameVerifier.INSTANCE;
            } else {
                defaultHostnameVerifier = new DefaultHostnameVerifier();
            }
            HttpClientBuilder connectionManager = HttpClientBuilder.create().setConnectionManager(PoolingHttpClientConnectionManagerBuilder.create().setSSLSocketFactory(SSLConnectionSocketFactoryBuilder.create().setSslContext(createDefault).setTlsVersions(new TLS[]{TLS.V_1_1, TLS.V_1_2}).setHostnameVerifier(defaultHostnameVerifier).build()).build());
            RequestConfig.Builder custom = RequestConfig.custom();
            this.httpClientContext = HttpClientContext.create();
            BasicAuthCache basicAuthCache = new BasicAuthCache();
            if (configuration.hasProxyConfigured()) {
                HttpHost httpHost = new HttpHost(configuration.getProxyConfiguration().getScheme(), configuration.getProxyConfiguration().getHost(), configuration.getProxyConfiguration().getPort());
                if (configuration.getProxyConfiguration().isAuthenticationRequired()) {
                    BasicCredentialsProvider basicCredentialsProvider = new BasicCredentialsProvider();
                    basicCredentialsProvider.setCredentials(new AuthScope(configuration.getProxyConfiguration().getHost(), configuration.getProxyConfiguration().getPort()), new UsernamePasswordCredentials(configuration.getProxyConfiguration().getUsername(), configuration.getProxyConfiguration().getPassword().toCharArray()));
                    basicAuthCache.put(new HttpHost(configuration.getProxyConfiguration().getScheme(), configuration.getProxyConfiguration().getHost(), configuration.getProxyConfiguration().getPort()), new BasicScheme());
                    connectionManager.setDefaultCredentialsProvider(basicCredentialsProvider);
                    this.httpClientContext.setCredentialsProvider(basicCredentialsProvider);
                }
                custom.setConnectionRequestTimeout(Timeout.ofSeconds(configuration.getRequestTimeoutSecs())).setConnectTimeout(Timeout.ofSeconds(configuration.getRequestTimeoutSecs())).setProxy(httpHost);
                this.httpClientContext.setAuthCache(basicAuthCache);
            }
            connectionManager.setDefaultRequestConfig(custom.build());
            this.httpClient = connectionManager.build();
        } catch (KeyManagementException e) {
            throw new RuntimeException(e.getMessage(), e);
        }
    }

    private TrustManager[] getTrustManagers() {
        try {
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            if (this.configuration.isIgnoreInvalidSslCertificates()) {
                return new TrustManager[]{new NoopTrustManager()};
            }
            trustManagerFactory.init((KeyStore) null);
            return trustManagerFactory.getTrustManagers();
        } catch (KeyStoreException | NoSuchAlgorithmException e) {
            throw new RuntimeException(e.getMessage(), e);
        }
    }

    @Override // org.sourcelab.hkp.rest.RestClient
    public void close() {
        if (this.httpClient != null) {
            try {
                this.httpClient.close();
            } catch (IOException e) {
                logger.error("Error closing: {}", e.getMessage(), e);
            }
        }
        this.httpClient = null;
    }

    @Override // org.sourcelab.hkp.rest.RestClient
    public RestResponse submitRequest(Request request) throws RestException {
        try {
            return (RestResponse) submitRequest(request, new RestResponseHandler());
        } catch (IOException e) {
            throw new RestException(e.getMessage(), e);
        }
    }

    private <T> T submitRequest(Request request, HttpClientResponseHandler<T> httpClientResponseHandler) throws IOException {
        return (T) submitRequest(constructApiUrl(request), request.getRequestParameters(), httpClientResponseHandler);
    }

    private <T> T submitRequest(String str, Map<String, String> map, HttpClientResponseHandler<T> httpClientResponseHandler) {
        try {
            URIBuilder charset = new URIBuilder(str).setCharset(StandardCharsets.UTF_8);
            for (Map.Entry<String, String> entry : map.entrySet()) {
                charset.setParameter(entry.getKey(), entry.getValue());
            }
            HttpGet httpGet = new HttpGet(charset.build());
            logger.info("Executing request {}", httpGet.getRequestUri());
            return (T) this.httpClient.execute(httpGet, this.httpClientContext, httpClientResponseHandler);
        } catch (IOException e) {
            logger.error("Caught IOException: {}", e.getMessage(), e);
            return null;
        } catch (ClientProtocolException | SocketException | URISyntaxException | SSLHandshakeException e2) {
            throw new ConnectionFailedException(e2.getMessage(), e2);
        }
    }

    private String constructApiUrl(Request request) {
        return this.configuration.getKeyServerHost() + this.configuration.getBasePath();
    }
}
